Security Analyst for Infected Websites (Contract) jobs in United States
cer-icon
Apply on Employer Site
company-logo

Defiant ยท 3 months ago

Security Analyst for Infected Websites (Contract)

positionUnited States
timeContract
remoteRemote
seniorityMid Level
date3+ years exp

Defiant is a leading company in WordPress security, protecting over 5 million websites. They are seeking a Security Analyst to assist customers with site intrusions, repair compromised sites, and improve threat detection through evidence collection and analysis.

Cloud SecurityComputerNetwork Security
check
H1B Sponsor Likelynote

Responsibilities

Assist customers and investigate site intrusions, as well as repair their sites and remove all traces of compromise
Collect and process evidence from intrusions that will help improve our threat detection
Determine how the intrusion occurred, collect all IOCs (indicators of compromise), and work with our Threat Intelligence team on vulnerability research and malware signature development
Triage and validate vulnerability reports submitted through our Bug Bounty Program
Assess impact to prioritize submissions, reproduce and analyze vulnerabilities in controlled environments, and identify root causes in source code
Document findings, recommend fixes or custom firewall rules, and propose bounty amounts based on severity and impact
Collaborate with developers, customer support, and disclosure teams, as well as validate that patches are sufficient once released

Qualification

WordPressLinux administrationMySQLVulnerability researchPHPRegular expressionsAnalytical abilityCommunication skillsAttention to detailTeamwork

Required

3+ years of experience with WordPress required
Technical experience with common web application based vulnerabilities in WordPress plugins and themes
A solid understanding of WordPress hooks, how they are used, and how they can lead to vulnerabilities
Experience with administering multiple Linux stacks. (We don't support Windows.)
Experience with MySQL
2+ years of experience conducting remediation of compromised websites, including analysis of how the intrusion occurred, removing the intrusion vector, and restoring the site to a fully functional state
A solid understanding of regular expressions. Must be able to write expressions on the fly to match and remove only malicious code (often polymorphic) without affecting any legitimate code and to write malware signatures for our products
Ability to write and read PHP, regular expressions, cron jobs, and JavaScript
Understanding of all major vulnerability types and the ability to explain them to a customer in terms they can understand
Ability to analyze log files and determine how an intrusion occurred
Highly technical and comfortable with a wide range of open source tools such as grep, find, etc
Excellent written and verbal communication skills
Ability to interact with customers professionally
Work well in a team and work independently without additional guidance
Excellent analytical ability, ability to think outside of the box, and an eagerness to learn
Must have attention to detail

Preferred

Experience in vulnerability research is a plus, which includes: Ability to develop proof of concepts programmatically or conceptually to test the exploitability of vulnerabilities, and the general ability to read/understand programmatic and conceptual proof of concepts
Ability to replicate the exploitability of vulnerabilities in a test environment
Ability to review source code changes to determine if a vulnerability was patched and what the patch was for
Experience generating/modifying HTTP requests
Experience working with BURP suite or similar proxy software and a PHP debugger
Certifications in penetration testing or forensics are a strong plus

Benefits

Full-time telecommuting with a company that has been 100% remote for over 8 years.

Company

Defiant

twittertwitter
company-logo
Defiant is the global leader in WordPress security. They protect your assets, team and customers from known and emerging threats.
dateFounded in 2011
location
Seattle, Washington, USA
people-size11-50 employees
web-link
https://www.defiant.com/

H1B Sponsorship

Defiant has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Below presents additional info for your reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2023 (1)

Funding

Current Stage
Early Stage

Leadership Team

leader-logo
Kerry Boyte
Co-Founder and COO
linkedin
M
Mark Maunder
CTO @ Defiant Inc
linkedin

Recent News

Security Week
In Other News: Gladinet Flaw Exploitation, Attacks on ICS Honeypot, ClayRat Spyware
2025-10-11
SC Media
Widespread WordPress site takeover possible with plugin flaw
2025-07-04
Company data provided by crunchbase